CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Opensuse » Backports » Sle-15 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:opensuse:backports:sle-15:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-5839 20 Bypass 2019-06-27 2019-07-25
4.3
None Remote Medium Not required None Partial None
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
2 CVE-2019-5838 20 Bypass 2019-06-27 2019-07-25
4.3
None Remote Medium Not required None Partial None
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
3 CVE-2019-5837 +Info 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4 CVE-2019-5836 787 Overflow 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
5 CVE-2019-5835 125 2019-06-27 2019-07-25
4.3
None Remote Medium Not required Partial None None
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
6 CVE-2019-5834 20 2019-06-27 2019-07-25
4.3
None Remote Medium Not required None Partial None
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
7 CVE-2019-5833 2019-06-27 2020-08-24
4.3
None Remote Medium Not required None Partial None
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
8 CVE-2019-5832 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
9 CVE-2019-5831 787 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
10 CVE-2019-5830 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
11 CVE-2019-5829 190 Overflow 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
12 CVE-2019-5828 416 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
13 CVE-2019-5827 787 Overflow 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
14 CVE-2019-5824 787 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
15 CVE-2019-5823 601 Bypass 2019-06-27 2019-07-25
5.8
None Remote Medium Not required Partial Partial None
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
16 CVE-2019-5822 284 Bypass 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
17 CVE-2019-5821 787 Overflow 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
18 CVE-2019-5820 787 Overflow 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
19 CVE-2019-5819 20 Exec Code 2019-06-27 2019-07-25
4.4
None Local Medium Not required Partial Partial Partial
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
20 CVE-2019-5818 908 +Info 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
21 CVE-2019-5817 787 Overflow 2019-06-27 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22 CVE-2019-5816 664 2019-06-27 2019-07-25
6.8
None Remote Medium Not required Partial Partial Partial
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
23 CVE-2019-5814 352 2019-06-27 2020-08-24
4.3
None Remote Medium Not required Partial None None
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Total number of vulnerabilities : 23   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.